October 31, 2011
UK Increasingly Targeted In Cyber Attacks
The United Kingdom has suffered a series of “disturbing” cyber attacks, including a recent serious, yet unsuccessful, assault on the Foreign Office´s network, Iain Lobban, the director of the Government Communications Headquarters (GCHQ), said on Monday.
GCHQ, the UK´s spy agency similar to the National Security Agency in the US, handles operations such as intelligence-gathering and code-busting and is the heart of Britain´s cyber defenses.
Lobban told British newspaper, The Times, that the attacks posed a threat to Britain´s economic wellbeing, as sensitive data on government computers were targeted, along with defense, technology and engineering firms´ designs.
“The volume of e-crime and attacks on government and industry systems continue to be disturbing,” Lobban said. “I can attest to attempts to steal British ideas and designs to gain commercial advantage or to profit from secret knowledge of contractual arrangements.”
Lobban rarely makes public comments, and his article comes nearly a year after he gave a speech saying countries were using cyber warfare techniques to attack each other.
“We are also aware of similar techniques being employed to try to acquire sensitive information from British government computer systems, including one significant (but unsuccessful) attempt on the Foreign Office and other government departments this summer,” he told The Times.
“Criminals are using cyberspace to extort money and steal identities, as well as exploit the vulnerable. Increasingly sophisticated techniques target individuals. We are witnessing the development of a global criminal market place — a parallel black economy where cyber dollars are traded in exchange for UK citizens´ credit card details. Tackling cyber crime matters and it is a very real threat to our prosperity,” Lobban added.
He declined to give further details.
Lobban´s article comes before a conference in London on Tuesday on cyber-security. It is scheduled to be attended by political leaders and technology experts. Among the delegates will be US Secretary of State Hilary Clinton, Wikipedia co-founder Jimmy Wales, and Foreign Secretary William Hague.
Experts around the world have increasingly been warning about growing cyber threats from other countries and from organized criminals.
A dramatic increase occurred last year in reported cyber attacks linked to governments, from attempts to steal data from the International Monetary Fund and other high-profile organizations, Many incidents blamed on China, to the Stuxnet computer worm attack on Iran´s nuclear program.
Foreign Secretary Hague told The Times there had been an “exponential rise” in incidents, with welfare and tax databases among the most vulnerable systems for attackers.
“Countries that cannot maintain cybersecurity of their banking system, of the intellectual property of their companies, will be at a serious disadvantage in the world,” he added.
One attack, interrupted by GCHQ and the Serious Organized Crime Agency, included more than a million stolen identities being traded. The discovery of the attack this summer prevented close to $500 million worth of debit and credit card fraud, according to Hague.
Organized crime networks were in an “arms race” trying to steal money and ideas, in which “new techniques are adopted every day.” The government was putting more than $1 billion into preventing attacks over the next four years, and was already fighting problems each hour of each day, said Hague.
“It is vital that businesses work with the government to become aware of all the threats they face and work with us on their defenses,” he said.
Governments did not and should not control the internet, said Hague, but he hoped for a “common sense of what the acceptable norm of behavior in cyberspace” ought to be. The enormous benefits of the rise of the internet must be balanced with the risk, he said.
The Guardian revealed in May how the UK was developing a cyber weapons program to counter the growing threats to national security.
Hague told a security conference in February that the Foreign Office had prevented a cyber-attack a month earlier from “a hostile state intelligence agency.” Sources told the Guardian at the time that the attack was believed to be from Chinese intelligence agencies. Hague added that the infection came from the “Zeus” computer virus after users opened an email purporting to come from the White House and followed a link inside that email.
The government has been criticized for failing to strengthen its stance on protecting its critical systems from cyber attack. The vast majority of critical infrastructure in the UK is privately owned.
Policy institute Chatham House said there is reluctance by government to share information with private companies that might be targeted. The government has criticized those same companies for putting up with an “unacceptably high level of risk.” It also says it ranks cyber security a top priority.
British Foreign Secretary William Hague told the Times there were more than 600 “malicious” attacks on British government systems every day, while criminals could obtain stolen credit card details of Britons over the Internet for just 70 pence ($1.12).
He said countries which could not protect their banking systems and intellectual property would be at a serious disadvantage in future.
“It will be harder for businesses to grow and survive and for individuals to maintain their confidential information,” Hague said. “That is why it is urgent to prevent this.”
On the Net: